Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/595024-8bff-4f18-8ccb-69a44f048db8/1/Lzej5VZ4HKwZJKAPDwbS9jXGcwc.roa
File: Lzej5VZ4HKwZJKAPDwbS9jXGcwc.roa (raw, json)
Hash identifier: HnUxl+oJWsfb+p7InVynLDW2Eiil6+26Dfno4jpAEo8=
Subject key identifier: 2F:37:A3:E5:56:78:1C:AC:19:24:A0:0F:0F:06:D2:F6:35:C6:73:07
Certificate issuer: /CN=6b22ad4cf647a48b631ff84f227ea0252130552d
Certificate serial: 018CCA284D1DE241652CC8007F01607050FD
Authority key identifier: 6B:22:AD:4C:F6:47:A4:8B:63:1F:F8:4F:22:7E:A0:25:21:30:55:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ayKtTPZHpItjH_hPIn6gJSEwVS0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/595024-8bff-4f18-8ccb-69a44f048db8/1/Lzej5VZ4HKwZJKAPDwbS9jXGcwc.roa
Signing time: Tue 02 Jan 2024 12:31:27 +0000
ROA not before: Tue 02 Jan 2024 12:31:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 149440
IP address blocks: 193.247.144.0/24 maxlen: 24
91.218.183.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/30/595024-8bff-4f18-8ccb-69a44f048db8/1/ayKtTPZHpItjH_hPIn6gJSEwVS0.crl
rsync://rpki.ripe.net/repository/DEFAULT/30/595024-8bff-4f18-8ccb-69a44f048db8/1/ayKtTPZHpItjH_hPIn6gJSEwVS0.mft
rsync://rpki.ripe.net/repository/DEFAULT/ayKtTPZHpItjH_hPIn6gJSEwVS0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 01:02:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:28:4d:1d:e2:41:65:2c:c8:00:7f:01:60:70:50:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b22ad4cf647a48b631ff84f227ea0252130552d
Validity
Not Before: Jan 2 12:31:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2f37a3e556781cac1924a00f0f06d2f635c67307
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:18:ba:f1:62:9b:b8:2f:8c:64:5a:47:c7:89:
93:c6:29:2f:f7:e5:af:dd:7d:0e:20:b5:59:4b:c9:
92:12:93:d7:a1:82:44:bc:00:c1:39:45:ee:a4:74:
14:09:19:61:44:25:3f:cd:e5:68:3d:92:9c:c3:2c:
e9:d3:28:d8:48:52:72:fb:25:c5:1d:5a:f5:cb:4d:
a6:a6:d9:06:16:1a:d6:ba:c8:11:d1:8c:75:ea:02:
a1:e3:db:c5:d5:9d:92:db:f8:9d:d5:bc:0c:90:d9:
10:24:42:c0:55:c9:ed:f6:59:58:7d:1f:06:9c:d7:
1e:b6:91:c2:b1:02:4c:dd:a7:69:0f:45:a8:a2:f1:
a4:c2:b2:71:0c:3f:87:14:03:24:e0:98:25:d6:2e:
cf:3d:bd:94:e4:4a:3d:02:1a:7f:02:8b:29:1d:19:
66:9f:87:30:8a:c9:50:57:5e:d0:c0:27:a4:70:7a:
7b:90:f0:86:0e:31:6d:10:00:b2:60:2b:94:20:86:
11:d5:2f:16:70:41:3b:f7:23:3a:06:cc:a9:47:a1:
eb:58:37:29:87:85:f4:17:4b:9c:8f:95:8c:9c:9d:
47:81:5d:12:7a:25:06:02:ac:db:bc:d7:56:1a:19:
c0:57:98:78:6b:b7:32:28:df:f3:33:35:8b:8a:36:
11:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:37:A3:E5:56:78:1C:AC:19:24:A0:0F:0F:06:D2:F6:35:C6:73:07
X509v3 Authority Key Identifier:
keyid:6B:22:AD:4C:F6:47:A4:8B:63:1F:F8:4F:22:7E:A0:25:21:30:55:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ayKtTPZHpItjH_hPIn6gJSEwVS0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/595024-8bff-4f18-8ccb-69a44f048db8/1/Lzej5VZ4HKwZJKAPDwbS9jXGcwc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/595024-8bff-4f18-8ccb-69a44f048db8/1/ayKtTPZHpItjH_hPIn6gJSEwVS0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.218.183.0/24
193.247.144.0/24
Signature Algorithm: sha256WithRSAEncryption
10:d8:3a:e0:0c:ac:46:d3:95:bb:ad:3d:d4:98:7a:e2:33:96:
09:86:1f:1d:f9:68:f3:3c:a9:16:4e:be:a0:88:6b:f4:31:af:
13:16:fc:2d:cb:0a:38:46:e5:11:99:b6:3d:2e:d6:df:42:3e:
34:e7:d8:d6:5e:64:fe:66:3c:7f:53:94:c4:5d:15:f3:9b:ae:
ae:d8:a8:c7:42:ec:f3:62:10:24:d9:f3:9d:55:6f:79:8a:86:
20:00:c9:95:31:f4:8b:d1:e8:0c:06:bd:f4:9a:82:79:bb:f6:
c8:3c:ee:25:4f:f7:23:3b:38:f2:e5:72:4e:9b:0d:11:d2:c8:
f9:99:e7:cb:30:e0:3a:21:85:94:3f:14:83:5d:e7:f1:5d:03:
fa:89:22:fa:31:f5:92:97:ec:09:0c:90:c5:f3:74:9e:a9:58:
45:9c:7b:89:6f:06:22:04:99:2c:49:fd:ee:57:0f:87:dc:d5:
48:e7:48:8b:f7:4e:c9:20:c9:bc:7c:1d:4c:1d:1c:79:92:07:
33:46:53:43:4e:e6:6b:d9:a0:2b:eb:d8:76:2c:9f:0e:f2:db:
e4:4d:85:86:57:9f:39:78:d7:29:33:8e:0c:3e:91:bf:de:12:
80:79:bd:65:0c:a8:4c:b3:d9:a9:3c:98:28:88:92:10:f4:27:
2d:83:55:96
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzKKE0d4kFlLMgAfwFgcFD9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiMjJhZDRjZjY0N2E0OGI2MzFmZjg0ZjIyN2VhMDI1MjEz
MDU1MmQwHhcNMjQwMTAyMTIzMTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjM3YTNlNTU2NzgxY2FjMTkyNGEwMGYwZjA2ZDJmNjM1YzY3MzA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqBi68WKbuC+MZFpHx4mTxikv9+Wv
3X0OILVZS8mSEpPXoYJEvADBOUXupHQUCRlhRCU/zeVoPZKcwyzp0yjYSFJy+yXF
HVr1y02mptkGFhrWusgR0Yx16gKh49vF1Z2S2/id1bwMkNkQJELAVcnt9llYfR8G
nNcetpHCsQJM3adpD0WoovGkwrJxDD+HFAMk4Jgl1i7PPb2U5Eo9Ahp/AospHRlm
n4cwislQV17QwCekcHp7kPCGDjFtEACyYCuUIIYR1S8WcEE79yM6BsypR6HrWDcp
h4X0F0ucj5WMnJ1HgV0SeiUGAqzbvNdWGhnAV5h4a7cyKN/zMzWLijYRwwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFC83o+VWeBysGSSgDw8G0vY1xnMHMB8GA1UdIwQY
MBaAFGsirUz2R6SLYx/4TyJ+oCUhMFUtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXlLdFRQWkhwSXRqSF9oUEluNmdKU0V3VlMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC81OTUwMjQtOGJmZi00ZjE4LThjY2It
NjlhNDRmMDQ4ZGI4LzEvTHplajVWWjRIS3daSktBUER3YlM5alhHY3djLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC81OTUwMjQtOGJmZi00ZjE4LThjY2ItNjlhNDRmMDQ4ZGI4
LzEvYXlLdFRQWkhwSXRqSF9oUEluNmdKU0V3VlMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW9q3AwQA
wfeQMA0GCSqGSIb3DQEBCwUAA4IBAQAQ2DrgDKxG05W7rT3UmHriM5YJhh8d+Wjz
PKkWTr6giGv0Ma8TFvwtywo4RuURmbY9LtbfQj4059jWXmT+Zjx/U5TEXRXzm66u
2KjHQuzzYhAk2fOdVW95ioYgAMmVMfSL0egMBr30moJ5u/bIPO4lT/cjOzjy5XJO
mw0R0sj5mefLMOA6IYWUPxSDXefxXQP6iSL6MfWSl+wJDJDF83SeqVhFnHuJbwYi
BJksSf3uVw+H3NVI50iL907JIMm8fB1MHRx5kgczRlNDTuZr2aAr69h2LJ8O8tvk
TYWGV585eNcpM44MPpG/3hKAeb1lDKhMs9mpPJgoiJIQ9Cctg1WW
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:37:26 2024 by rpki-client on console-ams.rpki-client.org